[expert] problems with pppd

[Tom Strickland]

More precise than my earlier post...
My ISP uses CHAP auth for its dialup. I have the trace of my
connection below - what is going wrong?

Thanks,

tom

Aug  2 23:51:29 lyra pppd[4792]: pppd 2.4.0 started by root, uid 0
Aug  2 23:51:52 lyra pppd[4792]: Serial connection established.
Aug  2 23:51:52 lyra pppd[4792]: using channel 7
Aug  2 23:51:52 lyra pppd[4792]: Using interface ppp0
Aug  2 23:51:52 lyra pppd[4792]: Connect: ppp0 -- /dev/ttyS1
Aug  2 23:51:53 lyra pppd[4792]: sent [LCP ConfReq id=0x1 asyncmap 0x0 magic 
0x5e52c5eb pcomp accomp]
Aug  2 23:51:53 lyra pppd[4792]: rcvd [LCP ConfReq id=0x0]
Aug  2 23:51:53 lyra pppd[4792]: sent [LCP ConfAck id=0x0]
Aug  2 23:51:54 lyra pppd[4792]: rcvd [LCP TermAck id=0x0]
Aug  2 23:51:55 lyra pppd[4792]: rcvd [LCP ConfReq id=0x44 asyncmap 0xa auth 
chap MD5 magic 0x5ecb3bc1 pcomp accomp mrru 1524 endpoint 
[local:42.54.4d.44.49.50]]
Aug  2 23:51:55 lyra pppd[4792]: sent [LCP ConfRej id=0x44 mrru 1524]
Aug  2 23:51:56 lyra pppd[4792]: rcvd [LCP ConfReq id=0x45 asyncmap 0xa auth 
chap MD5 magic 0x5ecb3bc1 pcomp accomp endpoint [local:42.54.4d.44.49.50]]
Aug  2 23:51:56 lyra pppd[4792]: sent [LCP ConfAck id=0x45 asyncmap 0xa auth 
chap MD5 magic 0x5ecb3bc1 pcomp accomp endpoint [local:42.54.4d.44.49.50]]
Aug  2 23:51:56 lyra pppd[4792]: sent [LCP ConfReq id=0x1 asyncmap 0x0 magic 
0x5e52c5eb pcomp accomp]
Aug  2 23:51:56 lyra pppd[4792]: rcvd [LCP ConfAck id=0x1 asyncmap 0x0 magic 
0x5e52c5eb pcomp accomp]
Aug  2 23:51:56 lyra pppd[4792]: rcvd [CHAP Challenge id=0x6d 
f79a4ce9be413ee0e0c032b2cb5e03ed, name = BTMDIP]
Aug  2 23:51:56 lyra pppd[4792]: sent [CHAP Response id=0x6d 
376a25c85033e54e797e9dfa0ec7f804, name = [EMAIL PROTECTED]]
Aug  2 23:52:09 lyra last message repeated 4 times
Aug  2 23:52:09 lyra pppd[4792]: rcvd [CHAP Success id=0x6d ]
Aug  2 23:52:09 lyra pppd[4792]: sent [IPCP ConfReq id=0x1 addr 0.0.0.0 compress VJ 
0f 01]
Aug  2 23:52:09 lyra pppd[4792]: sent [CCP ConfReq id=0x1 deflate 15 deflate(old#) 
15 bsd v1 15]
Aug  2 23:52:09 lyra pppd[4792]: rcvd [CHAP Success id=0x6d ]
Aug  2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfReq id=0x99 compress VJ 0f 00 addr 
213.120.208.201]
Aug  2 23:52:09 lyra pppd[4792]: sent [IPCP ConfAck id=0x99 compress VJ 0f 00 addr 
213.120.208.201]
Aug  2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfNak id=0x1 addr 217.32.145.59]
Aug  2 23:52:09 lyra pppd[4792]: sent [IPCP ConfReq id=0x2 addr 217.32.145.59 
compress VJ 0f 01]
Aug  2 23:52:09 lyra pppd[4792]: rcvd [LCP ProtRej id=0x46 80 fd 01 01 00 0f 1a 04 78 
00 18 04 78 00 15 03 2f]
Aug  2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfAck id=0x2 addr 217.32.145.59 
compress VJ 0f 01]
Aug  2 23:52:09 lyra pppd[4792]: local  IP address 217.32.145.59
Aug  2 23:52:09 lyra pppd[4792]: remote IP address 213.120.208.201
Aug  2 23:52:09 lyra pppd[4792]: Script /etc/ppp/ip-up started (pid 4844)
Aug  2 23:52:09 lyra pppd[4792]: Script /etc/ppp/ip-up finished (pid 4844), status = 
0x0
Aug  2 23:52:51 lyra pppd[4792]: Terminating on signal 15.
Aug  2 23:52:51 lyra pppd[4792]: Script /etc/ppp/ip-down started (pid 4853)
Aug  2 23:52:51 lyra pppd[4792]: sent [LCP TermReq id=0x2 User request]
Aug  2 23:52:52 lyra pppd[4792]: Script /etc/ppp/ip-down finished (pid 4853), status = 
0x0
Aug  2 23:52:52 lyra pppd[4792]: rcvd [LCP TermAck id=0x2]
Aug  2 23:52:52 lyra pppd[4792]: Connection terminated.
Aug  2 23:52:52 lyra pppd[4792]: Connect time 1.0 minutes.
Aug  2 23:52:52 lyra pppd[4792]: Sent 2607 bytes, received 5036 bytes.
Aug  2 23:52:52 lyra pppd[4792]: Hangup (SIGHUP)
Aug  2 23:52:52 lyra pppd[4792]: Exit.

[expert] panicking over xfdrake

[Tom Strickland]

When I try to use XFdrake it freezes at 'Preparing X-Window
configuration'. The freeze is complete and can't be exited using
Alt-SysReq. I have ended up restarting the machine umpteen times
because of this bloody thing. I've been syncing before typing 'XFdrake',
but even so this cannot be good for my filesystem. HELP. I have a
major deadline tomorrow and this has had me completely stumped for a
day - this could not come at a worse time.

I've tried XFdrake -expert -noauto
Same problem.
It appears to be hanging when it tries to autodetect the card.
The card is an S3 Trio 64V+.

Thanks,

Tom

Re: [expert] XFdrake freezes -- PLEASE help!

[Tom Strickland]

Thanks for the reply David,
I may well try that. At the moment I've reinstalled all that I can see
of X, also drakxtools and drakxtools-newt, and all of KDE. I used rpm
-ivh name --force.
I still can't get XFdrake to work, which is weird because it did
before. The freeze appears to take place at the card detection
stage. Adding the -expert and -noauto options makes no difference. At
the moment I am running fvwm from my own .xinitrc file. The whole
thing was put together using xf86config and a bit of hand-editing of
XF86Config. I can't get things to telinit 5 properly and KDE doesn't
work. I am confused as to how I have managed to fsck things up this
way...
The nice thing about Linux is that I'm fairly sure that it's me
that's messed up somewhere, I've just got to find out how!

Tom

On Wed, Jul 11, 2001 at 02:00:40PM -0600, David Joham wrote:
 What about downloading XConfigurator for RedHat and trying that?
 I'm coming in late to this conversation so apologies if this has already
 been suggested.
 -Original Message-
 From: Tom Strickland [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, July 11, 2001 4:34 AM
 To: expert-mandrake
 Subject: Re: [expert] XFdrake freezes -- PLEASE help!
 On Tue, Jul 10, 2001 at 08:00:42PM +, Tom Strickland wrote:
  I recently transferred my hard drives to a friend's machine to help
  him sort a problem out. I had to reconfigure X to get things
  moving. When I came home and tried to reconfigure X, I found that
  XFdrake completely freezes. What gives? I've done it enough times
  before. This is a total freeze - I can't change terminals or the caps
  lock light and I have to hard-reset.
  What am I doing wrong?
 I just can't work this out. The freeze is total - I can't even break out
 using Alt-SysReq. I've completely reinstalled X from rpms and I'm
 still stumped. BTW - what happened to Xconfigurator? It would be nice
 if I still had it as a 2nd option, but now it links to XFdrake.

[expert] XFdrake freezes -- help!

[Tom Strickland]

I recently transferred my hard drives to a friend's machine to help
him sort a problem out. I had to reconfigure X to get things
moving. When I came home and tried to reconfigure X, I found that
XFdrake completely freezes. What gives? I've done it enough times
before. This is a total freeze - I can't change terminals or the caps
lock light and I have to hard-reset.

What am I doing wrong?

Thanks,
Tom

[expert] what patches are applied to mdk kernels?

[Tom Strickland]

I'd like to download more recent kernels and patch them up to be the
equivalent of an update to the Mandrake-supplied kernels. Where can I
find a patch list? Hopefully I've missed it and it's somewhere in the
distribution.

Thanks,

tom

Re: [expert] what patches are applied to mdk kernels?

[Tom Strickland]

On Tue, Jul 03, 2001 at 02:17:48PM +0200, Laurent CREPET wrote:
 On Tue, Jul 03, 2001 at 10:56:42AM +, Tom Strickland wrote:
  I'd like to download more recent kernels and patch them up to be the
  equivalent of an update to the Mandrake-supplied kernels. Where can I
  find a patch list? Hopefully I've missed it and it's somewhere in the
  distribution.
 You can install the SRPM of the kernel, and look included patches
 and drives. Look at the kernel-2.4.spec file.
Ah - thanks. Of course, I'll have to download the SRPM, which is not
very small (phone bill). I suppose I could buy a copy of the source
CD... Even so, it would be nice to have a list of the patches on the
binaries CD so that we can patch a new copy of the kernel ourselves.

thanks again,

Tom

Re: [expert] hostname questions (again)

[Tom Strickland]

On Fri, Jun 29, 2001 at 09:17:00AM +0200, Andreas Grytz wrote:
 Hi Tom,
 
 Postfix con rewrite the sender field of all outgoing mail, but it's
 much work, if you have many users to administrate.
 add
 sender_canonical_maps = hash:/etc/postfix/sender_canonical
 
 to your postfix main.cf
 touch /etc/postfix/sender_canonical
 (vi|emacs) $_
 
 The format is like this
 
 [EMAIL PROTECTED]  [EMAIL PROTECTED]
 
 do
 /usr/sbinpostmap /etc/postfix/sender_canonical
 /usr/sbin/postfix reload


Hmmm - sounds great for my home machine, but not so great for the
charity. The idea is to set up a minimum administration system so that
an administrator is only needed to check the logs periodically and
patch the system. Backup, user admin, mail - nearly everything else
needs to be admin'd by the secretary. This is one area where Win NT
still manages to do a little better, but I'm not letting that back on
our server.
If we're delivering our mail as coming from ourcharity.org.uk and it's
being relayed through our ISP's SMTP server (BT), wouldn't it get
blocked at some point by spam filters?

Thanks,

Tom

 On Thu, Jun 28, 2001 at 05:07:07PM +, Tom Strickland wrote:
  On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote:
   Tom Strickland [EMAIL PROTECTED] wrote:
Our server is about to be connected to the Internet through a dialup
modem. Naive question:
Is it OK to give our network/server any old domain name? To the
outside world we will be the domain set by our ISP, but can I set the
domain in our LAN to something like smith.jones?
   
   It may work, it may not.
   
   A lot depends upon how you set up your mail.
  
  Thanks.
  That's what I thought. Running postfix as SMTP, fetchmail to hit POP
  boxes at the ISP.
  
   If you try to send mail to your ISP from [EMAIL PROTECTED], and your
   isp is jones.smith, then your isp will most likely deny you the
   relay that it thinks you are asking for when you try to send email
   to anyone outside the jones.smith (and possibly smith.jones) domain(s).
   
   If, however, you send email directly from your smith.jones side then
   you might (should?) be ok.  (But beware - strange things may happen on
   INCOMING email ;-)
  
  We'll be using a domain along the lines of ourcharity.org.uk anyway
  (got to buy the domain), with mail forwarding, so we'll have to get
  around similar problems. We'll have mail to:
  our ISP's accounts
  our purchased domain
  the local hostname - deliberately totally different from the other 2
  domains.
  ... all of which must be dealt with by Postfix. I assume that it can
  cope. I'm also worried about zealous spam filters on mailing lists
  detecting an untraceable mailer - that shouldn't be a problem should
  it?
  
   I had a setup like that for a while - I was descomp.phx.inficad.com
   AND descomp.com for a long time, and it worked fine as long as I 
   sent email directly out from my descomp.com domain (i.e. I ran
   postfix on descomp.com and IT was a 'smart mailer' (in the old
   sendmail terminology :-)  So it can work fine.  It helps if you
   set your mailer to accept mail for BOTH domains.

Re: [expert] hostname questions (again)

[Tom Strickland]

On Fri, Jun 29, 2001 at 05:08:13PM +0800, Franki wrote:
 you should check out if that is available in webmin, I know it is for
 Sendmail, so I wounldn't be surprised if it was for Postfix as well.

Sorry, just to be clear: I take it you're referring to the ease with
which you can admin the MDA from Webmin? Thanks - I was going to use
Webmin anyway, but I would still like to keep the number of steps to
set up a new user down to a minimum.
I should have been more clear in my last posting: my main question
was:
If we're delivering our mail as coming from ourcharity.org.uk and it's
being relayed through BT's (our new ISP) SMTP server, wouldn't it get
blocked at some point by spam filters (e.g. on mailing lists, people's
home machines)? Or have I misunderstood something?

Thanks,

Tom

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Strickland
 Sent: Friday, 29 June 2001 5:51 PM
 To: expert-mandrake
 Subject: Re: [expert] hostname questions (again)
 
 
 On Fri, Jun 29, 2001 at 09:17:00AM +0200, Andreas Grytz wrote:
  Hi Tom,
 
  Postfix con rewrite the sender field of all outgoing mail, but it's
  much work, if you have many users to administrate.
  add
  sender_canonical_maps = hash:/etc/postfix/sender_canonical
 
  to your postfix main.cf
  touch /etc/postfix/sender_canonical
  (vi|emacs) $_
 
  The format is like this
 
  [EMAIL PROTECTED]  [EMAIL PROTECTED]
 
  do
  /usr/sbinpostmap /etc/postfix/sender_canonical
  /usr/sbin/postfix reload
 
 
 Hmmm - sounds great for my home machine, but not so great for the
 charity. The idea is to set up a minimum administration system so that
 an administrator is only needed to check the logs periodically and
 patch the system. Backup, user admin, mail - nearly everything else
 needs to be admin'd by the secretary. This is one area where Win NT
 still manages to do a little better, but I'm not letting that back on
 our server.
 If we're delivering our mail as coming from ourcharity.org.uk and it's
 being relayed through our ISP's SMTP server (BT), wouldn't it get
 blocked at some point by spam filters?
 
 Thanks,
 
 Tom
 
  On Thu, Jun 28, 2001 at 05:07:07PM +, Tom Strickland wrote:
   On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote:
Tom Strickland [EMAIL PROTECTED] wrote:
 Our server is about to be connected to the Internet through a dialup
 modem. Naive question:
 Is it OK to give our network/server any old domain name? To the
 outside world we will be the domain set by our ISP, but can I set
 the
 domain in our LAN to something like smith.jones?
   
It may work, it may not.
   
A lot depends upon how you set up your mail.
  
   Thanks.
   That's what I thought. Running postfix as SMTP, fetchmail to hit POP
   boxes at the ISP.
  
If you try to send mail to your ISP from [EMAIL PROTECTED], and your
isp is jones.smith, then your isp will most likely deny you the
relay that it thinks you are asking for when you try to send email
to anyone outside the jones.smith (and possibly smith.jones)
 domain(s).
   
If, however, you send email directly from your smith.jones side then
you might (should?) be ok.  (But beware - strange things may happen on
INCOMING email ;-)
  
   We'll be using a domain along the lines of ourcharity.org.uk anyway
   (got to buy the domain), with mail forwarding, so we'll have to get
   around similar problems. We'll have mail to:
   our ISP's accounts
   our purchased domain
   the local hostname - deliberately totally different from the other 2
   domains.
   ... all of which must be dealt with by Postfix. I assume that it can
   cope. I'm also worried about zealous spam filters on mailing lists
   detecting an untraceable mailer - that shouldn't be a problem should
   it?
  
I had a setup like that for a while - I was descomp.phx.inficad.com
AND descomp.com for a long time, and it worked fine as long as I
sent email directly out from my descomp.com domain (i.e. I ran
postfix on descomp.com and IT was a 'smart mailer' (in the old
sendmail terminology :-)  So it can work fine.  It helps if you
set your mailer to accept mail for BOTH domains.

Re: [expert] hostname questions (again)

[Tom Strickland]

Thank you Rusty!

On Fri, Jun 29, 2001 at 08:00:57AM -0700, Rusty Carruth wrote:
 Tom Strickland [EMAIL PROTECTED] wrote:
  ...
  I should have been more clear in my last posting: my main question was:
  If we're delivering our mail as coming from ourcharity.org.uk and it's
  being relayed through BT's (our new ISP) SMTP server, wouldn't it get
  blocked at some point by spam filters (e.g. on mailing lists, people's
  home machines)? Or have I misunderstood something?
 
 All *correctly configured* (see notes 1 and 2) ISPs these days have their
 smtp servers set up to not relay mail.  What does this mean?  It means
 that, if you connect to the smtp server (port 25) on their machine
 then either you are from their domain or not.   If you are inside 
 their domain(s) then you can send anywhere; if you are NOT from 
 inside their domain(s) then you can only send to recipients inside 
 their domain(s) (see note 3).
 
 Huh?  Well, if you connect to your isp (say, thatisp.uk), and tell them 
 you are ourcharity.org.uk then you are not sending from inside their domain
 (probably - it depends upon exactly how they check your inside-ness!),
 and thus you will only be able to send email to recipients whose email
 addresses end in 'thatisp.uk' - probably not too useful.  (See note 4)

Well, currently I'm with Demon, who use POP-before-SMTP to do auth. I
don't know about our new ISP: I've had BT forced on me - I hope they're
as good as Demon.

 However, if your firewall (or whatever) is set up as a 'smart smtp server'
 (again, terminology from the 'old days' ;-), then everyone inside 
 ourcharity.org.uk would send email using THAT machine (which would
 perform that relay test and see that you are sending email from INSIDE
 ourcharity.org.uk and thus allow it).  The 'smart smtp server' would
 then send that email directly to the recipient machine, bypassing your
 ISP's smtp server entirely.  (Again, this is how I have mine set up,
 and it works fine.)  (Alternatively, you can just have the client
 machines send directly to the recipient, but that's usually a quite
 a bit more of a hassle).

This is exactly what I had in mind. Once kernel 2.4 is sufficiently
stable we'll have a full-blown application firewall using port
redirection for ports 25 and 80 to Postfix and a web-proxy. No
connection to the net without authentication and (if I can get it
right) a lock-down on everything else. This will also allow us to
virus-scan all mail traffic in both directions.

Your othe email was very helpful too - more comments there.

Thanks,

Tom

Re: [expert] hostname questions (again)

[Tom Strickland]

On Fri, Jun 29, 2001 at 08:17:10AM -0700, Rusty Carruth wrote:
 Tom Strickland [EMAIL PROTECTED] wrote:
  Hmmm - sounds great for my home machine, but not so great for the
  charity. The idea is to set up a minimum administration system so that
  an administrator is only needed to check the logs periodically and
  patch the system. Backup, user admin, mail - nearly everything else
  needs to be admin'd by the secretary. This is one area where Win NT
  still manages to do a little better, but I'm not letting that back on
  our server.
 
 I was originally not going to send this to the entire list until I
 realized that someone may know of other differences than I have
 thought of.

 On the admin side:
 
 1 - You may want to set up sudo scripts to perform tasks like adding users
 and so forth.

On my todo list, certainly.

 2 - Think about who you really want to handle bounce messages (ok, I suppose
   this is more of a problem for smart smtp servers, but not much more,
   as people would be getting bounce messages anyway, its just that the
   ADMIN can get them too if you are the smart smtp server)

Yes - this is part of my (growing) todo list. One person gets all
bounces and re-routes them if necessary. A list of rules needs to be
written so as to decide what to do with various bounces.

 3 - Same goes for other admin email - I assume you all are training the
   secretary which ones can be filed and which need 'professional
   help' ?

Yes - the secretary and information officer will share the admin roles
with clear divisions of responsibility.

 4 - What part of backup is going to be admin'd by the secretary?
   I'd think you'd set it up so that they just have to change
   tapes? (And perhaps add or remove items from the 'things to
   back up' list)

Brief: mainly changing the tapes.
Longer: To make things simple a full backup will be done every night
(working days). Training will be given in simple file recovery. We're
currently deciding between Amanda and Arkeia. If I can help it, I'd
prefer Amanda. One large tar or dump to tape seems more recoverable in
the event of mild corruption than Arkeia's propietary format. OTOH,
Arkeia has a pretty front-end that is more friendly to non-techies.

 5 - Same for user admin - I assume you just mean being able to add
   and remove users? I've never needed this, but I suggest sudo
   (e.g. to allow the secretary to run 'useradd' or 'adduser')
   (You may not want this on  your firewall!)

Since we're a small-ish branch (of the national charity MIND) we've
just got the one computer for firewall, internet gateway, Samba, web,
mail, database and backup. Fun. Some phrase containing the words 'egg'
and 'basket' is hovering at the edge of my mind, but I can't quite
make it out :-) So far the budget hasn't even stretched to RAID and
we've only just bought the tape drive - I had to waive my costs to
afford a nicer model: DDS4 - if only we could have stretched to DLT.

Anyway, I'm going to use sudo for this. If I could just unify all the
password schemes... We'll be using wwwoffle (dialup http proxy) but
I'd consider changing to Squid if Squid's auth uses PAM. wwwoffle
stores passwords in the clear in its conf file. Not good.

 6 - Again, same for mail admin.  Are you thinking just for adding
   and removing mail users?  Or do you have a mailing list (or
   more)?  An awful lot can be done with scripts (shell, perl,
   awk, sed, whatever ;-) that you allow certain folks (i.e. the
   secretary) to run using sudo.

Thankfully, no mailing lists at the moment. We just need to add/remove
users. To be honest, if I can get the scripts right and write the docs
in time, I'd like to dump Webmin on the principle that I wouldn't need
it and it's just one more network vulnerability.

   But in any case, consider whether you want your mail server to
   also be your firewall (I actually am beginning to think that I
   hope its not ;-), and whether the accounts need to actually be
   ON the mail machine (so the mail 'lands' there) or on the
   user's machines (so that the mail 'pauses' on your mail
   machine but 'lands' on each user's machine - this is probably
   NOT what you want, but I thought i'd mention it anyway).

Here's the plan: use Postfix for MDA and Cyrus IMAP. Both provide SASL
facilities to authenticate users so I can authenticate incoming and
outgoing mail. IMAP's important - I try to force users to store
everything on the server. It's more secure and easier to backup
If anything goes wrong, it's usually been one of the Windows machines
and they're not the most secure place for confidential docs anyway!
When I changed the My Documents link to point to H: (home share) and
told staff that from now on their computer could be wiped with little
or no notice, everything started getting kept on the server. If I keep
mail on the server too, then that's a security worry and a backup
worry gone

[expert] hostname questions (again)

[Tom Strickland]

Our server is about to be connected to the Internet through a dialup
modem. Naive question:
Is it OK to give our network/server any old domain name? To the
outside world we will be the domain set by our ISP, but can I set the
domain in our LAN to something like smith.jones?

Thanks,

Tom

Re: [expert] hostname questions (again)

[Tom Strickland]

On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote:
 Tom Strickland [EMAIL PROTECTED] wrote:
  Our server is about to be connected to the Internet through a dialup
  modem. Naive question:
  Is it OK to give our network/server any old domain name? To the
  outside world we will be the domain set by our ISP, but can I set the
  domain in our LAN to something like smith.jones?
 
 It may work, it may not.
 
 A lot depends upon how you set up your mail.

Thanks.
That's what I thought. Running postfix as SMTP, fetchmail to hit POP
boxes at the ISP.

 If you try to send mail to your ISP from [EMAIL PROTECTED], and your
 isp is jones.smith, then your isp will most likely deny you the
 relay that it thinks you are asking for when you try to send email
 to anyone outside the jones.smith (and possibly smith.jones) domain(s).
 
 If, however, you send email directly from your smith.jones side then
 you might (should?) be ok.  (But beware - strange things may happen on
 INCOMING email ;-)

We'll be using a domain along the lines of ourcharity.org.uk anyway
(got to buy the domain), with mail forwarding, so we'll have to get
around similar problems. We'll have mail to:
our ISP's accounts
our purchased domain
the local hostname - deliberately totally different from the other 2
domains.
... all of which must be dealt with by Postfix. I assume that it can
cope. I'm also worried about zealous spam filters on mailing lists
detecting an untraceable mailer - that shouldn't be a problem should
it?

 I had a setup like that for a while - I was descomp.phx.inficad.com
 AND descomp.com for a long time, and it worked fine as long as I 
 sent email directly out from my descomp.com domain (i.e. I ran
 postfix on descomp.com and IT was a 'smart mailer' (in the old
 sendmail terminology :-)  So it can work fine.  It helps if you
 set your mailer to accept mail for BOTH domains.

[expert] hostname questions

[Tom Strickland]

I am about to re-configure a simple Class C network of Win98
machines/Linux server to give the Win machines access to the
internet. I'll be using Postfix as a collection/relay point to relay
mail through the ISP's SMTP server when we go online.
I just want to check a few details on hostname:
Is it OK to give our network/server any old domain name? To the
outside world we will be the domain set by our ISP, but can I set the
domain in our LAN to something like smith.jones?

Thanks,

Tom

[expert] test

[Tom Strickland]

ping!

[expert] test

[Tom Strickland]

Re: [expert] syslog playing up

[Tom Strickland]

Matthias, Chris: Thanks for the suggestions. I have found the
solutions to both. The first is simple and is going to make me look
very stupid. I deserve it and must be punished. The second has had me
stumped for a while...

On Mon, Mar 05, 2001 at 10:17:51AM +, Tom Strickland wrote:
 Another problem:
 Recently the computer started freezing at startup unless I did the following:
 
 1) start as single user
 2) start syslog:
   # /etc/rc.d/init.d/syslog start
 3) carry on the startup (ctrl-d)
 
 logrotate isn't working either - it complains:
 
 # logrotate /etc/logrotate.conf
 error: syslog:211 duplicate log entry for /var/log/syslog
 
 The two problems may be separate - logrotate hasn't been working for a while.

Problem 1: syslog was disabled. I must have slipped up somewhere and
switched it off and then been too stupid and too quick posting to the
list to fix it myself.

Problem 2: logrotate problems.
I thought that it meant 'duplicate entries inside the log file for
syslog'. Wrong - it means that the /etc/logrotate.d/syslog file
contains duplicate entries for rotating /var/log/syslog like so:


# WARNING : don't use * wildcard as extension
# (glob in logrotate will try to rotate all files instead of
#  only the basenames of the logs, i.e. it will rotate 
#  already rotated files and recompress them, taking 
#  exponential time...)

/var/log/auth.log {
rotate 5
weekly
postrotate
/usr/bin/killall -HUP syslogd
endscript
}

/var/log/syslog {
rotate 5
weekly
postrotate
/usr/bin/killall -HUP syslogd
endscript
}

/var/log/user.log {
[snip]
...
#/var/log/syslog {
#
#postrotate
#/usr/bin/killall -HUP syslogd
#endscript
#
#}



... commenting out the second entry solved the error. My syslog file
has been getting alarmingly large as it hadn't rotated since late
november. I have no idea what caused this, as I've never touched this
file. Useful though - now I've had to learn about log rotation rather
than just assume it works.

tom

[expert] kdesu or drakConf problems

[Tom Strickland]

I can't open configuration tools such as draknet or DrakConf as a
normal user. If I start them as super user, then they work
fine. When I click the DrakConf icon as a normal user. I tried
starting it  from the command line, but couldn't get anything to
happen - I get:
execl() error, errno=13

If I start draknet, I get the kdesu dialogue box, then type in root's
password, then... nothing. No error messages, nothing in syslog
(except "session opened for root...session closed for root").

What's wrong with my system?

tom

[expert] syslog playing up

[Tom Strickland]

Another problem:
Recently the computer started freezing at startup unless I did the following:

1) start as single user
2) start syslog:
# /etc/rc.d/init.d/syslog start
3) carry on the startup (ctrl-d)

logrotate isn't working either - it complains:

# logrotate /etc/logrotate.conf
error: syslog:211 duplicate log entry for /var/log/syslog

The two problems may be separate - logrotate hasn't been working for a while.

tom

Re: [expert] syslog playing up

[Tom Strickland]

On Mon, Mar 05, 2001 at 01:06:49PM +0100, Matthias Grund wrote:
 Another problem:
 Recently the computer started freezing at startup unless I did the following:
 1) start as single user
 2) start syslog:
  # /etc/rc.d/init.d/syslog start
 3) carry on the startup (ctrl-d)
 Change the priority at which syslogs starts to a higher one by moving
 Sxxsyslog to S11syslog for example.

I'll try this, but I'm curious about why it's started doing this. I
think that it might have something to do with my accidentally shutting
down inetd in the belief that xinetd replaces it completely. When I
saw the computer saying that it had shut down logging, I restarted
inet. Since then, I've had problems.

Any ideas anyone?

tom

Re: [expert] Changing HD

[Tom Strickland]

I have tried the tar method:
# cd /var
# tar -cf - . ; (cd /var-new; tar xpf -)

... and got a load of warning messages to the effect of 'socket not
copied' for some files belonging to amavis and postfix. Looking
/usr/share/doc/tar-1.13.17/NEWS, I find that tar no longer archives
sockets. I have tried cp -a, but there were a few problems there
too. I will try again and see if I can nail the errors.
This raises a question: I'm about to get into backup, probably to
tape. I was going to use tar, but how can I backup partitions that may
contain sockets?

tom

On Wed, Feb 28, 2001 at 09:34:10AM -0800, John Wolford wrote:
 1. Throw in your second hard drive
 2. Format it and mount it - you can use diskdrake for this.
 3. Copy over your entire drive to it. Be sure to use the -a switch 
 # cp -a / /mnt/newdrive
 assuming you mounted it at /mnt/newdrive
 4. Pull your drives out and swap them over.
 5. Make sure your new drive is working fully and nothing unexpected happens before 
you destroy the
 data on the old drive.
 
 Here's an old message i posted awhile back that pertains to moving /usr (might as 
well be moving
 /) that i posted awhile back - it was a summary of a bunch of messages on the 
subject. Maybe you
 will find it helpful.
 
 
 Date: Thu, 25 Jan 2001 14:07:23 -0800 (PST) 
 From: John Wolford [EMAIL PROTECTED]  | Block address | Add to Address Book 
 To: [EMAIL PROTECTED] 
 Reply-to: [EMAIL PROTECTED] 
 Subject: [expert] Summary: How to move /usr to another partition 
  
  
 
 
 Greetings again,
 
 Thanks for all the replies re: How to move /usr to another partition? 
 It's nice to know that what
 i was working with SHOULD have worked, on principle. Here is a brief 
 summary of the "How to move
 /usr to another partition?" thread.
 
 1. Resize partition, using Partition Magic or some such thing. [this 
 will only work if you
 actually have the appropriate space on the drive, of course]
 
 All of the following assume that /usr will be duplicated somehow onto 
 /mnt/usr temporarily, then
 /etc/fstab will be updated to reflect the new location, reboot and 
 presto, you are mounting the
 new /usr.
 
 2. copy:
 # cp -a /usr /mnt
 
 3. tarball:
 # tar cvf /mnt/usr.tar /usr
 # cd /mnt
 # tar xvfp usr.tar
 (Note that this method requires enough free space to hold not just 
 mnt/usr but also /mnt/usr.tar)
 
or
 # tar cf - /usr | ( cd /mnt ; tar xvfp - )
or
 # cd /mnt
 # tar cf - -C /usr | tar xvpf
 (Note that these last two methods of tarballing only require enough 
 free space to hold /usr)
 
 Care must be taken to preserve relative links and file permissions if 
 either 2 or 3 is to work.
 Soft links do not support spanning partitions or devices and will cause 
 failures if this occurs.
 
 
 An aside: at the time that i was attempting this i was installing and 
 re-installing on various
 drives on the same system. It MAY have been the case that i had a swap 
 partition on the device
 that contained /usr and the device that contained the new /mnt/usr. If 
 this were true, it could
 have caused some problems, i don't know.
 
 
 Thanks again,
 John
 
 
 
 --- C Nielsen [EMAIL PROTECTED] wrote:
  Hello from the frozen north;
  
  I'm planing to upgrade my harddisl from an 8gig to a 20 gig and was wondering 
how to move over
  to the new drive with little or no pain.
  I'm running Mandrake 7.2.
  thanx
  -- 
  Linux Counter #188953
  Linux Machine #85790
  
 
 
 __
 Do You Yahoo!?
 Get email at your own domain with Yahoo! Mail. 
 http://personal.mail.yahoo.com/
 

Re: [expert] missing hd?

[Tom Strickland]

Attached are dmesg's from the two boots.
I am having other problems with my primary hd, unsure if they're related.
I originally bought a new motherboard due to DMA reset errors. I still
get them if I try to switch DMA on, but at least the computer doesn't
freeze anymore. I'm using an Abit KT7, so I'm downloading a new BIOS
patch. That comes after fixing this hdd problem (fix problems one at a
time); I think I might buy a new master hd before long anyway. I will
try juggling the cdrom/hdd - cdrom/hdc and get back to the list. Note
that windows sees hdd too (using fdisk of course, as with no windows
partitions it isn't going to turn up as D:).

tom

On Sat, Feb 24, 2001 at 10:43:34AM -0700, Rusty Carruth wrote:
 "J . A . Magallon" [EMAIL PROTECTED] wrote:
  ...
  Lets look at this (perhaps I have too much coffe also, and all that comes
  is stupid).
  If your disk is the slave in the first ide channel, it should be named hdb.
  So I assume you have one other hd and a cdrom. Lets suppose:
  Your hds are on the IDE 1: hda (the old) and hdb (as you should see it)
  Your cdrom is at hcd (master at IDE 2).
  And if your bios swaps your ide channels when booting from cd at IDE 2,
  and hdb becomes hdd ?
 
 Well, after watching the 'thread' for a while, I've noticed the following
 things:
 
 1 - arrangement seems to be:
 
   controller  channel   hdx  comments
 
   0   0   hda main drive as master
   0   1   ?   unknown
   1   0   hdc cdrom as master
   1   1   hdd hard drive as slave
 
 2 - when booting one way (the install cd, I think) /dev/hdd seems to
   work
 
 3 - when booting another way (off the installed system, I think) /dev/hdd
   seems to not work.
 
 
 Ok so I have a few questions and obvservations/theories:
 
 1 - something is different between how the install sets things up
   and how the installed system sets them up (duh!), such that
   the hard drive is either at /dev/hdc, or something else strange.
   Would it be possible to see the dmesg's from the two boots?
 
 2 - Rumor has it that hard drives don't like being slave to a
   cdrom drive, and/or that cdrom drives don't like to be
   master to a hard drive.  Have you tried putting the 2nd 
   hard drive as master over the cdrom or as slave to the 
   first hard drive?  (Assuming there is no hard drive there
   in hdb already! ;-)
 
 rc
 
 
 Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
 Voice: (480) 345-3621  SnailMail: Schlumberger ATE
 FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
 Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
 ICBM: 33 20' 44"N   111 53' 47"W
 


Linux version 2.2.17-21mdk ([EMAIL PROTECTED]) (gcc version 2.95.3 19991030 
(prerelease)) #1 Thu Oct 5 13:16:08 CEST 2000
Detected 800062 kHz processor.
ide_setup: hdd=ide-scsi
Console: colour VGA+ 80x25
Calibrating delay loop... 1595.80 BogoMIPS
Memory: 127608k/131008k available (1136k kernel code, 416k reserved, 1720k data, 128k 
init, 0k bigmem)
Dentry hash table entries: 16384 (order 5, 128k)
Buffer cache hash table entries: 131072 (order 7, 512k)
Page cache hash table entries: 32768 (order 5, 128k)
VFS: Diskquotas version dquot_6.4.0 initialized
CPU: L1 I Cache: 64K  L1 D Cache: 64K
CPU: L2 Cache: 256K
CPU: AMD Athlon(tm) Processor stepping 02
Checking 386/387 coupling... OK, FPU using exception 16 error reporting.
Checking 'hlt' instruction... OK.
POSIX conformance testing by UNIFIX
mtrr: v1.35a (19990819) Richard Gooch ([EMAIL PROTECTED])
PCI: PCI BIOS revision 2.10 entry at 0xfb430, last bus=1
PCI: Using configuration type 1
PCI: Probing PCI hardware
Linux NET4.0 for Linux 2.2
Based upon Swansea University Computer Society NET3.039
NET4: Unix domain sockets 1.0 for Linux NET4.0.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
TCP: Hash tables configured (ehash 131072 bhash 65536)
Initializing RT netlink socket
Starting kswapd v 1.5 
Detected PS/2 Mouse Port.
Serial driver version 4.27 with MANY_PORTS MULTIPORT SHARE_IRQ enabled
ttyS00 at 0x03f8 (irq = 4) is a 16550A
ttyS01 at 0x02f8 (irq = 3) is a 16550A
pty: 256 Unix98 ptys configured
apm: BIOS version 1.2 Flags 0x07 (Driver version 1.13)
Real Time Clock Driver v1.09
RAM disk driver initialized:  16 RAM disks of 4096K size
Uniform Multi-Platform E-IDE driver Revision: 6.30
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
VP_IDE: IDE controller on PCI bus 00 dev 39
VP_IDE: chipset revision 16
VP_IDE: not 100% native mode: will probe irqs later
Split FIFO Configuration:  8 Primary buffers, threshold = 1/2
   8 Second. buffers, threshold = 1/2
ide0: BM-DMA at 0xe000-0xe007, BIOS settings: hda:DMA, hdb:pio
ide0: VIA Bus-Master (U)DMA Timing Config Success
ide1: BM-DMA at 0xe008-0xe00f, BIOS settings: hdc:DMA, hdd:DMA
ide1: VIA Bus-Master (U)DMA Timing 

Re: [expert] msec,Bastille,firewalls et. al.

[Tom Strickland]

In addition to what seems to be a reasonably thorough security effort,
try installing djbdns and kicking out BIND. Use postfix, not sendmail,
disable telnet/ftp (but you know these last three). I had this idea
for my network, what do people think:
Using kernel 2.4, it should be far easier to implement a fairly tight 
application proxy firewall. You can redirect all packets going to a
particular port number outside the network to a particular port number
on your machine. Very useful. I need to be able to force all email
through our system. There it can be scanned for viruses in both
directions, stripped of bad attachments (e.g. vbs, if I so wish). If
necessary and under strict circumstances, I can implement mail
monitoring on a per-account basis. I can prevent staff mis-using the
mail facilities for spamming. They can access another machine outside
the network (e.g. telnet or ssh, then jump from there) or they can use
a hotmail account, but they cannot send from the network.
The same can be said for web browsing. I can force all http traffic
through the web proxy. Not for purposes of filtering (it doesn't
work), more because it optimises the dialup connection's bandwidth to
proxy things, allows us to implement per-workstation monitoring (if
necessary) and ACLs for browsing the internet.
What do people think? Is this feasible using kernel 2.4? From my
reading of articles on SecurityPortal it is, but I could be wrong. I
have one more question: does NetFilter include user-based rules? I
mean allow this user through, but not that one, log this user but not
that one, if unusual traffic comes through, log the traffic *and* the
user. This would be extremely useful and already exists in commercial
firewalls.
Oh - and to pre-empt anyone that is against the notion of monitoring
users at work: I would be happy to argue in a separate thread, but not
this one. But to be brief:
The network belongs to a charity. We pay for dialup time at peak rate,
so mis-using that is stealing from the charity. As for mail, all mail
sent needs to be logged anyway. It is a document relating to clients
of the charity and therefore falls under the Data Protection Act
(United Kingdom) - they need to be able to ask to see all
correspondance. Therefore all email will be logged. Lastly: the
charity has a comparatively small budget. There have been problems
from time to time with mis-use of resources. This will put a stop to
that.

Anyway, I'm not interested in all that. Technically speaking, how
feasible is this under 2.4?

tom

[expert] missing hd?

[Tom Strickland]

Noticing that I only have 54 megs left on my / partition, I decided to
slot in a second hard drive on hdd and partition it up for /tmp /var
and a second swap. I created new mount points: /tmp2 /var2 and
formatted the hard drive using diskdrake. Problem: I accidentally left
one of the drive's old partitions mounted. diskdrake moaned, so I
unmounted and started again. Success. Then I restarted the machine
into single user mode to transfer things across and re-name the mount
points. Problem: hdd seems to have vanished. hdparm says:
# /sbin/hdparm /dev/hdd
/dev/hdd: Device not configured

hdd is no longer visible in diskdrake, so I tried restarting off the
cdrom to see if the install procedure could see the hard drive and its
partitions. It can and I successfully deleted the old partitions. Then
I restarted into standard boot-up - still no luck. I'm stumped!


tom

Re: [expert] missing hd?

[Tom Strickland]

On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote:
  Noticing that I only have 54 megs left on my / partition, I decided to
  slot in a second hard drive on hdd and partition it up for /tmp /var
  and a second swap. I created new mount points: /tmp2 /var2 and
  formatted the hard drive using diskdrake. Problem: I accidentally left
  one of the drive's old partitions mounted. diskdrake moaned, so I
  unmounted and started again. Success. Then I restarted the machine
  into single user mode to transfer things across and re-name the mount
  points. Problem: hdd seems to have vanished. hdparm says:
  # /sbin/hdparm /dev/hdd
  /dev/hdd: Device not configured
  
  hdd is no longer visible in diskdrake, so I tried restarting off the
  cdrom to see if the install procedure could see the hard drive and its
  partitions. It can and I successfully deleted the old partitions. Then
  I restarted into standard boot-up - still no luck. I'm stumped!
 
 Check if /dev/hdd still exists. If it is gone you'll have to recreate 
 it. I have no access to a Linux box right now, so I can't tell you how
 right now.

Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all
exist, and they have the same modification dates /mod settings as all
of the other /dev/hd? drives.
Still stumped!

tom

Re: [expert] missing hd?

[Tom Strickland]

On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote:
 Try #fdisk -l /dev/hdd
 This should paint a good picture for you of what the problem is.

#fdisk -l /dev/hdd
- gives no response (just a new cmd prompt)
#fdisk /dev/hdd
gives:
 Unable to open /dev/hdd

 --- Tom Strickland [EMAIL PROTECTED] wrote:
  On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote:
Noticing that I only have 54 megs left on my / partition, I decided
  to
slot in a second hard drive on hdd and partition it up for /tmp /var
and a second swap. I created new mount points: /tmp2 /var2 and
formatted the hard drive using diskdrake. Problem: I accidentally
  left
one of the drive's old partitions mounted. diskdrake moaned, so I
unmounted and started again. Success. Then I restarted the machine
into single user mode to transfer things across and re-name the
  mount
points. Problem: hdd seems to have vanished. hdparm says:
# /sbin/hdparm /dev/hdd
/dev/hdd: Device not configured

hdd is no longer visible in diskdrake, so I tried restarting off the
cdrom to see if the install procedure could see the hard drive and
  its
partitions. It can and I successfully deleted the old partitions.
  Then
I restarted into standard boot-up - still no luck. I'm stumped!
   
   Check if /dev/hdd still exists. If it is gone you'll have to recreate 
   it. I have no access to a Linux box right now, so I can't tell you how
   right now.




  Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all
  exist, and they have the same modification dates /mod settings as all
  of the other /dev/hd? drives.

Re: [expert] missing hd?

[Tom Strickland]

On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote:
 hmmm, are you sure it's on hdd?  hdd is the slave of the first ide slot. 
 If fdisk says no response, then it is truly missing!  how many beers did
 you have when you did this? :) 
Ah - if only I could ascribe this to beer! Too much coffee
perhaps... anyway, as I've already stated, if I restart from the
installer cd-rom and use diskdrake from there as part of the
installation procedure, I can see hdd with no problem. I even went
back in and re-created the partitions in the hope of shaking the
system into shape. Nope - still 'no hdd' in my normal bootup. I am
puzzled.



 --- Tom Strickland [EMAIL PROTECTED] wrote:
  On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote:
   Try #fdisk -l /dev/hdd
   This should paint a good picture for you of what the problem is.
  
  #fdisk -l /dev/hdd
  - gives no response (just a new cmd prompt)
  #fdisk /dev/hdd
  gives:
   Unable to open /dev/hdd
  
   --- Tom Strickland [EMAIL PROTECTED] wrote:
On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote:
  Noticing that I only have 54 megs left on my / partition, I
  decided
to
  slot in a second hard drive on hdd and partition it up for /tmp
  /var
  and a second swap. I created new mount points: /tmp2 /var2 and
  formatted the hard drive using diskdrake. Problem: I
  accidentally
left
  one of the drive's old partitions mounted. diskdrake moaned, so
  I
  unmounted and started again. Success. Then I restarted the
  machine
  into single user mode to transfer things across and re-name the
mount
  points. Problem: hdd seems to have vanished. hdparm says:
  # /sbin/hdparm /dev/hdd
  /dev/hdd: Device not configured
  
  hdd is no longer visible in diskdrake, so I tried restarting off
  the
  cdrom to see if the install procedure could see the hard drive
  and
its
  partitions. It can and I successfully deleted the old
  partitions.
Then
  I restarted into standard boot-up - still no luck. I'm stumped!
 
 Check if /dev/hdd still exists. If it is gone you'll have to
  recreate 
 it. I have no access to a Linux box right now, so I can't tell you
  how
 right now.
  
  
  
  
Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all
exist, and they have the same modification dates /mod settings as
  all
of the other /dev/hd? drives.
  
 
 
 =
 ^C
 quit
 :q
 exit
 ?
 help
 shit
 
 __
 Do You Yahoo!?
 Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/

Re: [expert] missing hd?

[Tom Strickland]

On Fri, Feb 23, 2001 at 03:06:56PM -0800, Ron Heron wrote:
 Tom, can you send me your /var/log/kernel/info file?  This is extremely
 puzzling.  What's the ouput of #mount -a ?

more info:
when I try to mount /dev/hdd1, I get:
#mount -t ext2 /dev/hdd1 /tmp/td
mount: /tmp/td is not a valid block device
?? I tried restarting to a rescue mode on the cdrom. There I found
that I can mount /dev/hdd1. I can also run /sbin/hdparm on it: the
info thus gleaned follows:
#hdparm /dev/hdd
/dev/hdd:
 multcount=  0 (off)
 I/O support  =  0 (default 16-bit)
 unmaskirq=  0 (off)
 using_dma=  0 (off)
 keepsettings =  0 (off)
 nowerr   =  0 (off)
 readonly =  0 (off)
 readahead=  8 (on)
 geometry = 4092/16/63, sectors = 4124736, start = 0

#/sbin/hdparm -I /dev/hdd
/dev/hdd:

 Model=TS2321A2, FwRev=.024, SerialNo=
JG9M8289
 Config={ HardSect NotMFM HdSw15uSec Fixed DTR10Mbs RotSpdTol.5% }
 RawCHS=4092/16/63, TrkSize=0, SectSize=0, ECCbytes=4
 BuffType=unknown, BuffSize=0kB, MaxMultSect=16, MultSect=off
 CurCHS=4092/16/63, CurSects=4124736, LBA=yes, LBAsects=4124736
 IORDY=on/off, tPIO={min:383,w/IORDY:120}, tDMA={min:120,rec:120}
 PIO modes: pio0 pio1 pio3 pio4 
 DMA modes: mdma0 mdma1 mdma2 udma0 udma1 *udma2 

I am confused!

 --- Tom Strickland [EMAIL PROTECTED] wrote:
  On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote:
   hmmm, are you sure it's on hdd?  hdd is the slave of the first ide
  slot. 
   If fdisk says no response, then it is truly missing!  how many beers
  did
   you have when you did this? :) 
  Ah - if only I could ascribe this to beer! Too much coffee
  perhaps... anyway, as I've already stated, if I restart from the
  installer cd-rom and use diskdrake from there as part of the
  installation procedure, I can see hdd with no problem. I even went
  back in and re-created the partitions in the hope of shaking the
  system into shape. Nope - still 'no hdd' in my normal bootup. I am
  puzzled.
  
  
  
   --- Tom Strickland [EMAIL PROTECTED] wrote:
On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote:
 Try #fdisk -l /dev/hdd
 This should paint a good picture for you of what the problem is.

#fdisk -l /dev/hdd
- gives no response (just a new cmd prompt)
#fdisk /dev/hdd
gives:
 Unable to open /dev/hdd

 --- Tom Strickland [EMAIL PROTECTED] wrote:
  On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote:
Noticing that I only have 54 megs left on my / partition, I
decided
  to
slot in a second hard drive on hdd and partition it up for
  /tmp
/var
and a second swap. I created new mount points: /tmp2 /var2
  and
formatted the hard drive using diskdrake. Problem: I
accidentally
  left
one of the drive's old partitions mounted. diskdrake moaned,
  so
I
unmounted and started again. Success. Then I restarted the
machine
into single user mode to transfer things across and re-name
  the
  mount
points. Problem: hdd seems to have vanished. hdparm says:
# /sbin/hdparm /dev/hdd
/dev/hdd: Device not configured

hdd is no longer visible in diskdrake, so I tried restarting
  off
the
cdrom to see if the install procedure could see the hard
  drive
and
  its
partitions. It can and I successfully deleted the old
partitions.
  Then
I restarted into standard boot-up - still no luck. I'm
  stumped!
   
   Check if /dev/hdd still exists. If it is gone you'll have to
recreate 
   it. I have no access to a Linux box right now, so I can't tell
  you
how
   right now.




  Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16)
  all
  exist, and they have the same modification dates /mod settings
  as
all
  of the other /dev/hd? drives.

   
   
   =
   ^C
   quit
   :q
   exit
   ?
   help
   shit
   
   __
   Do You Yahoo!?
   Yahoo! Auctions - Buy the things you want at great prices!
 http://auctions.yahoo.com/
 
 
 =
 ^C
 quit
 :q
 exit
 ?
 help
 shit
 
 __
 Do You Yahoo!?
 Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/

Re: [expert] missing hd?

[Tom Strickland]

On Sat, Feb 24, 2001 at 02:26:24AM +0100, J . A . Magallon wrote:
 
 On 02.24 Tom Strickland wrote:
On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote:
 hmmm, are you sure it's on hdd?  hdd is the slave of the first ide
slot. 
 AFAIK, hdd is the slave in the SECOND ide channel...

It's definitely hdd, plugged in as slave to the master of the 2nd ide
chain (the cdrom).

tom

Re: [expert] Fwd: rpm problems

[tom strickland]

What does
# rpm --rebuilddb
do?

Civileme

I should have mentioned that I have already tried this.
[root@lyra tom]# updatedb
[root@lura tom]# rpm --rebuilddb


Further checks on the rpm database reveal that some of the packages
that I recently updated using MandrakeUpdate seem to be duplicated
in the database:

tcsh
cups

... I'm not sure about any others...

tom

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

[expert] Fwd: rpm problems

[tom strickland]

I have been having problems getting rpm to work on mdk 7.2. At the
moment, when I try to upgrade cups by downloading the rpm, I get:
[root@lyra mdk7.2_updates]# rpm -Uvh cups-1.1.4-7.1mdk.i586.rpm
cups#
error getting record /bin/sh from //var/lib/rpm/requiredby.rpm
error getting record /bin/sh from //var/lib/rpm/requiredby.rpm

then cups appears to have installed correctly, but there are 2 copies:
[root@lyra mdk7.2_updates]# rpm -q cups
cups-1.1.4-3mdk
cups-1.1.4-7.1mdk

?? What's wrong with my setup ??

Furthermore, when I fire up MandrakeUpdate (problems there, too -
see below), and try to update a package, I get complaints of an
incorrectly signed package or faulty gnupg setup.

2nd problem (related?):
when I try to start MandrakeUpdate or DrakConf from the desktop,
nothing happens. When I try to start them from the command-line:

[tom@lyra tom]$ /usr/X11R6/bin/DrakConf
execl() error, errno=13

Now, I assume that you're supposed to execute DrakConf.real, because
that seems to work, but why won't clicking the desktop icon work?

Anyway, the main question remains the rpm database... can anyone
help?

Thanks,
Tom
_
Get more from the Web.  FREE MSN Explorer download : http://explorer.msn.com




Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

Re: [expert] will pci hardware modems work under kernel 2.4?

[tom strickland]

Thanks for all the replies. Thanks for setting me straight over serial ports 
too. Wish I could remember where I read it... Anyway, I'll use the 
'Linux/Modem Compatibility Knowledge Base' at the 'Winmodems are not modems' 
site: http://www.kcdata.com/~gromitkc/winmodem.html
to find a decent PCI modem. Thanks in particular to Sarang Lakare - exactly 
the info I was after!
Another guy sent me to this website, which contains excellent technical tips 
on tuning modems:
http://www.greencis.net/~ibi/mod.htm

Thanks to all

Tom
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.




Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

Re: [expert] will pci hardware modems work under kernel 2.4?

[tom strickland]

tom strickland wrote:
tomtell him to buy an external serial modem (not usb).

No! Soon it will be difficult to buy motherboards with ISA slots. No ISA 
slot - no ISA bus - no serial port. I need a future proof modem, as he 
will be upgrading his computer within the year. Personally, I would go for 
external (serial) and keep my current linux box as a 
gateway/masquarading/firewall box for the house network - but that's just 
me. My friend needs a PCI or USB modem that works under Linux. I know that 
PCI modems are more difficult to get working under linux (check out 
http://serial.sourceforge.net), and that things might get better under 2.4. 
Hence the question. Thanks for all the suggestions for known working pci 
modems (and the serial ones too), but:
a) it can be harder to get hold of these in the UK, with different model 
numbers, etc
b) I am curious about the more general issue of pci modems under kernel 2.4

thanks,
tom

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.




Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

[expert] will pci hardware modems work under kernel 2.4?

[tom strickland]

My friend is about to buy a modem, and he'd like it to be compatible with 
linux. Buying PCI would be more futureproof than isa or serial. I know that 
winmodems don't work under linux - most software modems in other words. I 
know that pci modems don't work on linux at the moment (not without 
fiddling, and then only some), but will they work under kernel 2.4?

thanks,

tom
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.




Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

Re: [expert] Re: tracking employees

[tom strickland]

snip
What you need to do is this:

Draft up a 'charter' for the use of the Internet within the company.

Make sure that this charter contains clauses such as "All Internet
resources are to be used for Company businss only", "The Company
reserves the right to monitor any and all Internet traffic to and from
the Company's site", "All e-mails to or from the Company's network are
the property of the Company", and "Failure to adhere to these clauses
may result in disciplinary action - serious breaches may result in the
employee's dismissal".

Issue a copy of this charter to any employees who may use the system,
and have them sign and return it to you.

You may wish to make this charter part of the employee's contract of
employment - many companies do in the UK.

This is exactly what I had in mind. As I've already made clear, I have  a 
much bigger problem with companies that don't clarify things in this way, 
allowing the company to gather data on their (admittedly naive) employees. I 
will make sure that everyone understands the situation - as you say, most 
will understand once things are explained.

Although some people talk of posting such logs on Company Intranet
sites, etc., this can sometimes be more trouble than it is worth.  Say
for example, an employee logs into a child pornography site - do you
really want that appearing to all your employees at your site, or would
you rather just quietly gather the information/evidence that you need in
order to assist the police in prosecution?  Also, by publishing the
logs, people can not only see what you are logging, but more
importantly, they can see what you are NOT logging.

Good point, I'll have to think about this.

Another aspect to consider is this.  I did not have time to check all
the logs, all the time.  I was often working over ninety hours a week as
it was - I was responsible for a WAN that covered sites up to 200 miles
away, and was on call 24/7.  So, I set up a random schedule of checking
a particular set of logs for a week or so, then changing to a different
set, etc.  I also allowed rumors to spread that I was logging/monitoring
more than I really was...

One problem: I have tried to set the network up to run as autonomously as 
possible. The logging has to be accessible to the Director, rather than 
myself, and possibly maintained by the information officer, so I do need a 
script to publish to the intranet or email the logs in some form. Perhaps a 
collation utility as well, to view monthly stats. I see your point when it 
comes to staff being able to find holes in the logging system, but without 
me being around to remind them that 'I can see you', they may forget. 
Everyone being able to see everyone will ensure that *no-one* forgets.

Anyway, the original post was more a question as to how to set this up 
inside the computer, rather than office protocol. I'm interested in scripts 
to monitor the traffic across a PPP connection, perhaps collate them and 
display them on the web.
Any ideas?
Thanks,

Tom


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

[expert] tracking network users' browsing of the web

[tom strickland]

I run a network for a charity (MIND in the UK), Win98 clients served by 
Linux-Mandrake, with a dialup Internet connection. We are about to open up 
the access to the internet, but my boss wants to be able to track what 
people browse. I came up with the plan of publishing a user's browsing logs 
on the intranet, so that the staff can see what is being browsed. Thus it's 
not just the director keeping an eye on people, but every member of staff, 
and the director doesn't escape scrutiny. We need to do it to keep the phone 
bill down (no personal browsing). My problem is this: how do I keep a log of 
what pages people are browsing?

Any ideas?
Thanks,
Tom

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

[expert] Re: tracking employees

[tom strickland]

snip
Since company time is an issue, you might want to consider blocking sports
sites, chat rooms, games, and maybe even porn sites. People are human and
it wouldn't be the first time an employee had a little fun on company time.
Then, if you still want to track them set an invisible cookie that can't be
disabled in  the browser.

Blocking software tends to either miss things that should be blocked or 
blocks the wrong things, so I'm trying to avoid that.

I'm curious about English law and not trying to insult you or start a flame
war. I'm in the US and am sure we have privacy groups that would complain
loudly about tracking an employee's viewing habits unless it was porn.

What is your countries policy on tracking employee web surfing?


I feel much the same way. The principle problem is money - it still costs a 
great deal to connect an office to the internet during the day through 
dialup. We really need to keep costs down and the Internet will only push 
them up. If we had a permanent connection to the Internet, I would feel 
worse about doing this, but I don't see any other way of going about it. I 
agree with you in spirit about the privacy principle, but don't see how it 
can be reconciled with the fact that employees shouldn't be using company 
time for ANY personal browsing. A clear privacy policy will be drawn up. 
There are other situations that would make me feel more uncomfortable:
1) Tracking employees, not telling (or reminding) them of this and using 
this tracking to deduce private information, such as political affiliation, 
sexual orientation...
2) Tracking of people online in a more general way. I'm worried about a 
possible employer being able to buy information about my browsing habits 
from the internet tracking firms, such as DoubleClick. I hasten to add that 
I think that there are much worse people than DoubleClick out there, 
possibly because DoubleClick are most in the public glare.

In short, I think that there is no enshrined right of privacy over here, but 
I don't think that one exists in the US either. If anything, the European 
Union is doing more to solve this, with privacy regulation that would cover 
this and, more importantly, case (2) above.

tom


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

Re: [expert] tracking network users' browsing of the web

[tom strickland]

I use nacctd and a perl tool that comes with it.  It gives the date/time,
the workstation's name and the site's name.  I run a cron job nightly that
emails this info to myself and my boss, you could just as easily put it on
a web page.

Stew Benedict

Thanks Stew, I'll take a look at it.

Tom

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

[expert] how do I switch DMA off?

[tom strickland]

OK - I accidentally allowed the install of 7.1 to enable DMA on a machine 
whose BIOS doesn't support it. Of course I'm getting crashes - luckily no 
data loss so far. I tried using hdparm to disable dma, bith on normal login 
and single user login, but each time the system freezes, and the next time 
that I start up, I get a kernel panic - I have to power cycle the machine. I 
also tried manipulating it using Webmin. I didn't think that it would work, 
and it didn't: another freeze.
When the system does freeze normally (i.e. when I'm not trying to fix the 
DMA) it complains (can't exactly remember the message, but it leads to DMA 
being switched off by the system).
What am I doing wrong?

Thanks in advance,
Tom

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com